US8891506B2 - Method and apparatus for providing mobile IP service through a network address translation gateway - Google Patents

Method and apparatus for providing mobile IP service through a network address translation gateway Download PDF

Info

Publication number
US8891506B2
US8891506B2 US11/460,140 US46014006A US8891506B2 US 8891506 B2 US8891506 B2 US 8891506B2 US 46014006 A US46014006 A US 46014006A US 8891506 B2 US8891506 B2 US 8891506B2
Authority
US
United States
Prior art keywords
mobile
traffic
module
area network
foreign agent
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US11/460,140
Other versions
US20080025325A1 (en
Inventor
Jay Strater
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Google Technology Holdings LLC
Original Assignee
Motorola Mobility LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to US11/460,140 priority Critical patent/US8891506B2/en
Application filed by Motorola Mobility LLC filed Critical Motorola Mobility LLC
Priority to PCT/US2007/071724 priority patent/WO2008014067A2/en
Publication of US20080025325A1 publication Critical patent/US20080025325A1/en
Assigned to GENERAL INSTRUMENT CORPORATION reassignment GENERAL INSTRUMENT CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: STRATER, JAY
Assigned to MOTOROLA MOBILITY LLC reassignment MOTOROLA MOBILITY LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: GENERAL INSTRUMENT HOLDINGS, INC.
Assigned to GENERAL INSTRUMENT HOLDINGS, INC. reassignment GENERAL INSTRUMENT HOLDINGS, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: GENERAL INSTRUMENT CORPORATION
Priority to US14/306,435 priority patent/US9787526B2/en
Publication of US8891506B2 publication Critical patent/US8891506B2/en
Assigned to Google Technology Holdings LLC reassignment Google Technology Holdings LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MOTOROLA MOBILITY LLC
Application granted granted Critical
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • H04L29/12452
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2546Arrangements for avoiding unnecessary translation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/256NAT traversal
    • H04L61/2585NAT traversal through application level gateway [ALG]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/02Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
    • H04W8/06Registration at serving network Location Register, VLR or user mobility server
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • H04W8/24Transfer of terminal data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W80/00Wireless network protocols or protocol adaptations to wireless operation
    • H04W80/04Network layer protocols, e.g. mobile IP [Internet Protocol]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/16Gateway arrangements

Definitions

  • the present invention relates generally to packet network communication and routing and, more particularly, to a method and apparatus for providing Mobile internet protocol (IP) service through a network address translation gateway.
  • IP Mobile internet protocol
  • IP Internet Engineering Task Force
  • IETF Internet Engineering Task Force
  • Mobile IP provides an efficient, scalable mechanism for node mobility within the Internet.
  • nodes may change their point-of-attachment to the Internet without changing their IP address, which allows them to maintain transport and higher-layer connections while moving.
  • Mobile IP is a core technology that the cellular community plans on utilizing to allow mobile devices, such as, cell phones, personal digital assistants and wireless lap tops, to move seamlessly from one IP network to another.
  • HA home agents
  • FAs foreign agents
  • CCOA Collocated Care of Address
  • An HA is a router on a mobile node's home network which tunnels datagrams for delivery to the mobile node when it is away from home, and maintains current location information for the mobile node.
  • a FA is a router on a mobile node's visited network which provides routing services to the mobile node while registered. The FA detunnels and delivers datagrams to the mobile node that were tunneled by the mobile node's home agent. For datagrams sent by a mobile node, the FA may serve as a default router for registered mobile nodes.
  • a mobile node's CCOA provides the same function as an FA, but resides within the mobile node. Either FA or mobile node CCOA are used along with a HA.
  • a mobile node When a mobile node detects that it has moved to a foreign network, it obtains a care-of address (COA) on the foreign network.
  • the care-of address can be determined from FA or CCOA, depending in on which is being used.
  • the mobile node operating away from home registers its new care-of address with its HA through exchange of a Registration Request and Registration Reply message with it, possibly via a FA (if used).
  • Datagrams sent to the mobile node's home address are intercepted by its HA, tunneled by the HA to the mobile node's COA, received at the tunnel endpoint (either at a FA or mobile node's CCOA), and finally delivered to the mobile node.
  • a basic assumption that Mobile IP makes is that FA or CCOA are uniquely identifiable by a globally routable IP address. This assumption breaks down when a mobile device attempts to communicate from behind a network address translation (NAT) gateway.
  • NAT network address translation
  • IP devices which communicate from behind a NAT are reachable only through the NAT's public address or addresses.
  • Mobile IP relies on sending traffic via IP-in-IP tunneling; however, IP-in-IP tunneling does not generally contain enough information to permit unique translation from common public addresses to particular care-of addresses (CoA) of an FA or CCOA which resides behind the NAT.
  • CoA care-of addresses
  • TCP transmission control protocol
  • UDP user datagram protocol
  • a gateway between a local area network (LAN) and a wide area network (WAN) is provided.
  • the gateway includes a foreign agent (FA) module, a control module, and a network address translation (NAT) module.
  • the FA module is configured to advertise a care-of address (CoA) on the LAN and process registration and post-registration mobile IP traffic on the LAN and the WAN side of the gateway.
  • the control module is configured to identify the registration and the post-registration mobile IP traffic on the LAN and the WAN to omit network address translation of this traffic during the processing thereof by the FA module.
  • Another aspect of the invention relates to a method of providing a gateway between a local area network and a wide area network.
  • the gateway includes a foreign agent module and a network address translation module. Packets received from the wide area network and the local area network are inspected to identify whether each of the packets is registration mobile internet protocol (IP) traffic, mobile IP communication traffic, or other traffic.
  • IP registration mobile internet protocol
  • the registration mobile IP traffic and the mobile IP communication traffic are processed via the foreign agent module.
  • the other traffic is processed via the network address translation module. In this manner, network address translation of mobile IP traffic is advantageously omitted. This allows the IP-in-IP tunnels used by mobile IP to pass through the gateway.
  • Another aspect of the invention relates to a computer readable medium having processor-executable instructions for performing a method of providing a gateway between a local area network and a wide area network.
  • the gateway includes a foreign agent module and a network address translation module. Packets received from the wide area network and the local area network are inspected to identify whether each of the packets is registration mobile internet protocol (IP) traffic, mobile IP communication traffic, or other traffic. The registration mobile IP traffic and the mobile IP communication traffic are processed via the foreign agent module. The other traffic is processed via the network address translation module. In this manner, network address translation of mobile IP traffic is advantageously omitted. This allows the IP-in-IP tunnels used by mobile IP to pass through the gateway.
  • IP internet protocol
  • packets received by the gateway are inspected to identify whether each packet is mobile IP traffic or other traffic.
  • Mobile IP traffic is processed by an FA module, and other traffic is processed by a NAT module.
  • network address translation of mobile IP traffic is advantageously omitted. This allows the IP-in-IP tunnels used by mobile IP to pass through the gateway.
  • FIG. 1 is a block diagram depicting an exemplary embodiment of a communication system
  • FIG. 2 is a block diagram depicting an exemplary embodiment of a gateway in accordance with one or more aspects of the invention
  • FIG. 3 is a flow diagram depicting an exemplary embodiment of a method for processing traffic in the gateway of FIG. 2 in accordance with one or more aspects of the invention.
  • FIG. 4 is flow diagram depicting an exemplary embodiment of the flow of messages between a mobile device, a gateway, and a home agent during a registration process in accordance with one or more aspects of the invention
  • FIG. 1 is a block diagram depicting an exemplary embodiment of a communication system 100 .
  • the system 100 includes a mobile device 102 , a local area network (LAN) 104 , a gateway 106 , a wide area network (WAN) 108 (e.g., the Internet), and a home agent (HA) 110 .
  • the mobile device 102 may comprise a mobile telephone, personal digital assistant (PDA), laptop computer, or the like.
  • the LAN 104 comprises a wireless LAN (WLAN), such as an IEEE 802.11 type network or the like, and the mobile device 102 communicates with the LAN 104 using a wireless link.
  • the LAN 104 may be a wired network, such as an Ethernet network or the like, and the mobile device 102 communicates with the LAN 104 using a wired link.
  • the gateway 106 is configured to provide an interface between the LAN 104 and the WAN 108 .
  • the gateway 106 may comprise a home router with or without wireless access point, or like type device.
  • the gateway 106 includes a LAN interface (I/F) 112 configured for communication with the LAN 104 , and a WAN I/F 118 configured for communication with the WAN 108 .
  • the gateway 106 facilitates communication between devices on the LAN 104 , such as the mobile device 102 , and devices on the WAN 108 , such as the HA 110 .
  • the HA 110 may be further coupled to a LAN 111 (e.g., a wireless or wired LAN).
  • the HA 110 may comprise a router or like type device.
  • FIG. 2 is a block diagram depicting an exemplary embodiment of the gateway 106 in accordance with one or more aspects of the invention.
  • the gateway 106 includes a processor block 250 various support circuits 204 , and an I/O interface 202 .
  • the processor block 250 includes one or more processors 201 , a memory 203 , a network address translation (NAT) module 210 , a control module 211 , and an foreign agent (FA) module 212 .
  • the processor(s) 201 may be any type of microprocessor(s) known in the art.
  • the support circuits 204 for the processor block 250 include conventional cache, power supplies, clock circuits, data registers, I/O interfaces, and the like.
  • the I/O interface 202 is coupled to the processor block 250 and includes the LAN I/F 112 and the WAN I/F 118 .
  • the memory 203 may store processor-executable instructions and/or data for execution by and/or use by the processor(s) 201 as described further below. These processor-executable instructions may comprise hardware, firmware, software, and the like, or some combination thereof, and may implement the NAT module 210 , the control module 211 , and the FA module 212 .
  • the program instructions are configured to be executed by the processor 201 to cause the processor 201 to implement the functionalities of the modules 210 , 211 , and 212 .
  • the memory 203 may include one or more of the following random access memory, read only memory, magneto-resistive read/write memory, optical read/write memory, cache memory, magnetic read/write memory, and the like, as well as signal-bearing media as described below.
  • one or more aspects of the invention are disclosed as being implemented as a processor executing a software program, those skilled in the art will appreciate that the invention may be implemented in hardware, software, or a combination of hardware and software. Such implementations may include a number of processors independently executing various programs and dedicated hardware, such as ASICs. In some embodiments, one or more of the functional modules 210 , 211 , and 212 are configured in the processor(s), rather than being stored in the memory 203 as program instructions.
  • FIG. 3 is a flow diagram depicting an exemplary embodiment of a method 300 for processing traffic in the gateway 106 in accordance with one or more aspects of the invention.
  • the mobile device 102 and the HA 110 are configured to implement the Mobile IP protocol as described above. That is, the mobile device 102 is identifiable by a home IP address provided by the HA 110 , regardless of its current point of attachment. For example, the mobile device 102 uses the same home IP address if attached to its home network (i.e., the LAN 111 ) or a foreign network (e.g., the LAN 104 ).
  • the mobile device 102 While situated away from the home network, the mobile device 102 is configured to obtain a care-of address (CoA) from the foreign network.
  • the mobile device 102 is configured to monitor for agent advertisement messages to obtain a CoA within a foreign network and may optionally solicit such an agent advertisement message using an agent solicitation message.
  • the mobile device 102 is configured to register its new CoA with the HA 110 through an exchange of registration request and registration reply messages.
  • the HA 110 is configured to receive IP datagrams destined for the home IP address of the mobile device 102 .
  • the HA 110 is configured to tunnel the received IP datagrams to the CoA address of the mobile device 102 using an IP-in-IP encapsulation.
  • the mobile device 102 may be configured to send IP datagrams to their destination using standard IP routing mechanisms.
  • the mobile device 102 may be configured to employ reverse tunneling with the HA 110 (between FA module 212 and HA 110 ).
  • the mobile device 102 and the HA 110 are configured to operate as a mobile node and a home agent, respectively, defined in IETF RFC 3344.
  • the NAT module 210 is configured to provide network address translation for the gateway 106 . As is well known in the art, NAT involves re-writing the source and/or destination addresses of IP packets as they pass through the gateway 106 .
  • the term “NAT” as used herein is meant to encompass both IP address translation and IP address translation combined with port translation (also referred to as NAPT).
  • the NAT module 210 is further adapted to implement aspects of Mobile IP service, as described below.
  • the FA module 212 provides a foreign agent.
  • the FA module 212 is configured to advertise its presence on the LAN 104 through the LAN I/F 112 using agent advertisement messages.
  • the agent advertisement messages include a CoA address for use by mobile devices connected to the LAN 104 .
  • the FA module 212 uses a WAN-side IP address as the CoA address.
  • the COA address for the FA module 212 is the same address as the WAN address of the gateway 106 .
  • the CoA address of the FA module 212 may be a different IP address to provide an added level of traffic separation between traffic destined for the FA module 212 and standard WAN-side traffic for the gateway 106 .
  • the FA module 212 may obtain a WAN-side IP address using a WAN-side dynamic host configuration protocol (DHCP) or PPPoE (point-to-point protocol over Ethernet) client.
  • DHCP WAN-side dynamic host configuration protocol
  • PPPoE point-to-point protocol over Ethernet
  • a WAN-side IP address could be statically assigned as the CoA address.
  • the control module 211 is configured to classify traffic received via the LAN interface 112 and the WAN interface 118 for processing by either the FA module 212 or the NAT module 210 . Steps performed by the control module 211 are shown in FIG. 3 .
  • the control module 211 inspects a packet received from the LAN 104 and the WAN 108 .
  • the control module 211 identifies whether the packet is mobile IP traffic or other traffic.
  • the Mobile IP traffic may include registration traffic or communication traffic.
  • the control module 211 classifies the traffic for processing by only the FA module 212 . Processing of Mobile IP traffic by the NAT module 210 is omitted.
  • the control module 211 classifies the traffic for processing by the NAT module 210 .
  • the control module 211 may be a separate module implemented by the gateway 106 , as shown in FIG. 2 .
  • the control module 211 comprises a filter module for filtering out Mobile IP traffic for processing by the FA module 212 and preventing processing by the NAT module 210 .
  • the function of the control module 211 is part of the NAT module 210 or the FA module 212 .
  • the FA module 212 is further configured to support Mobile IP registration traffic between the mobile device 102 and the HA 110 .
  • the control module 211 is configured to pass the Mobile IP registration traffic to the FA module 212 while omitting processing by the NAT module 212 .
  • the FA module 212 receives the messages from the mobile device 102 and alters the source IP address and port of the received messages to correspond to the WAN interface for the FA module 212 (the WAN IP address being the CoA of the FA module 212 ).
  • the FA module 212 records the original source IP address and port of the intercepted messages (i.e., the LAN interface of the mobile device 102 ).
  • the FA module 212 then forwards the messages to the HA 110 out of the WAN I/F 118 without involving the function of the NAT 210 module.
  • control module 211 classifies LAN-side Mobile IP registration traffic based on destination port.
  • the destination port for a registration request message is user datagram protocol (UDP) port number 434 .
  • UDP user datagram protocol
  • the control module 211 forwards traffic having a UDP destination port number 434 to the FA module 212 to the exclusion of the NAT module 210 .
  • the control module 211 is configured to pass the Mobile IP registration traffic to the FA module 212 while omitting processing by the NAT module 212 .
  • the FA module 212 receives the messages from the HA 110 , alters the destination IP address and port of the received messages to the LAN interface of the mobile device 102 , which was received and recorded from the corresponding registration request message (the LAN IP address being the mobile device's home address).
  • the FA module 212 then forwards the messages to the mobile device 102 out of the LAN I/F 112 without involving the function of the NAT 210 module.
  • control module 211 classifies WAN-side Mobile IP registration traffic (to be forwarded to the mobile device) based on destination port corresponding to the source port sent in the registration request from the FA module 212 .
  • the control module 211 forwards to the FA module 212 traffic received at the WAN I/F 118 with destination port corresponding to the source port sent in the registration request from the FA 212 to the exclusion of the NAT module 210 and the
  • the FA module 212 is further configured to support Mobile IP communication traffic (bearer traffic) between the mobile device 102 and the HA 110 .
  • the control module 211 is configured to pass the Mobile IP communication traffic to the FA module 212 while omitting processing by the NAT module 212 .
  • the FA module 212 encapsulates the traffic from the mobile device 102 with IP header containing CoA address for IP-to-IP tunneling to the HA 110 out of the WAN I/F 118 without involving the NAT module 210 .
  • control module 211 classifies LAN-side Mobile IP communication traffic based on the home address of the mobile device 102 .
  • the home address of the mobile device 102 is learned during registration by the FA module 212 from the home address field in registration request and reply messages.
  • the control module 211 is configured to forward to the FA module 212 traffic received at the LAN I/F 112 having the home address of the mobile device 102 as the source address. Processing of such traffic by the NAT module 210 is omitted.
  • the control module 211 is configured to pass the Mobile IP registration traffic to the FA module 212 while omitting processing by the NAT module 212 .
  • the FA module 212 decapsulates the traffic from the HA 110 (stripping off the outer IP header) and forward it to the mobile device 102 on the LAN 104 without involving the NAT module 210 .
  • control module 211 classifies WAN-side Mobile IP registration traffic with outer source IP address of the HA 110 as learned from home agent field in registration request and reply messages.
  • the control module 211 is configured to forward to the FA module 212 traffic received at the WAN I/F 118 having the HA 110 address for the outer-header source IP address. Processing of such traffic by the NAT module 210 is omitted.
  • the FA module 212 also includes a WAN-side filter to prevent traffic from any WAN source other that the HA 110 from reaching the mobile device 102 .
  • the FA module 212 prevents any WAN traffic from reaching the mobile device 102 until the FA module 212 receives a Mobile IP registration request from the mobile device 102 .
  • the FA module 212 Upon receipt of the registration request from the mobile device 102 on the LAN-side, the FA module 212 establishes a WAN-side filter that only allows traffic to be received from the source IP address of the HA 110 in the registration request. If Mobile IP registration is successful, the FA module 212 will keep the filter open. The filter can remain open for the length of the Mobile IP session with the HA 110 .
  • FIG. 4 is flow diagram depicting an exemplary embodiment of the flow of messages between the mobile device 102 , the gateway 106 , and the HA 110 during the registration process in accordance with one or more aspects of the invention.
  • An advertisement message of the CoA address of the FA module 212 is sent from the gateway 106 to the mobile device 102 in step 402 .
  • a registration request is transmitted from the mobile device 102 to the HA 110 via the gateway 106 in step 404 .
  • the HA 110 transmits a registration reply to the mobile device 102 via the gateway 106 in step 406 .
  • the circles in FIG. 4 represent FA processing only (no NAT function processing).
  • the approach of the invention requires an additional global address assignment at the gateway 106 only if a unique CoA address is desired. This is by no means required as noted previously.
  • a key advantage of this invention is that no modification of the mobile device 102 or the HA 110 is needed. This is in contrast to other techniques, such as the tunnel protocol described in IETF RFC 3519, where mobile device, foreign agent (if used), and home agent must be modified to support the protocol.
  • An aspect of the invention is implemented as a program product for use with a computer system.
  • Program(s) of the program product defines functions of embodiments and can be contained on a variety of signal-bearing media (computer readable media), which include, but are not limited to: (i) information permanently stored on non-writable storage media (e.g., read-only memory devices within a computer such as CD-ROM or DVD-ROM disks readable by a CD-ROM drive or a DVD drive); (ii) alterable information stored on writable storage media (e.g., floppy disks within a diskette drive or hard-disk drive or read/writable CD or read/writable DVD); or (iii) information stored on a storage medium as a result of having been conveyed to a computer by a communications medium, such as through a computer or telephone network, including wireless communications.
  • the latter embodiment specifically includes information downloaded from the Internet and other networks.
  • Such signal-bearing media when carrying computer-readable
  • IP Mobile internet protocol

Abstract

Method and apparatus for providing Mobile internet protocol (IP) service through a network address translation gateway. In one example, a gateway between a local area network (LAN) and a wide area network (WAN) is provided. A foreign agent (FA) module is configured to advertise a care-of address (CoA) on the LAN and process registration and mobile IP communication traffic on the LAN and the WAN side of the gateway. A control module is configured to identify the registration and the mobile IP communication traffic on the LAN and the WAN. The control module sends mobile IP traffic to the FA and other traffic to a network address translation (NAT) module. In this manner, network address translation of mobile IP traffic is advantageously omitted. This allows the IP-in-IP tunnels used by mobile IP to pass through the gateway.

Description

BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates generally to packet network communication and routing and, more particularly, to a method and apparatus for providing Mobile internet protocol (IP) service through a network address translation gateway.
2. Description of the Background Art
Mobile internet protocol (IP) is an Internet Engineering Task Force (IETF) standard communications protocol that is designed to allow mobile device users to move from one network to another while maintaining the same IP address. Mobile IP is described in IETF RFC 3344, published August 2002 and incorporated by reference herein. Mobile IP provides an efficient, scalable mechanism for node mobility within the Internet. Using Mobile IP, nodes may change their point-of-attachment to the Internet without changing their IP address, which allows them to maintain transport and higher-layer connections while moving. As such, Mobile IP is a core technology that the cellular community plans on utilizing to allow mobile devices, such as, cell phones, personal digital assistants and wireless lap tops, to move seamlessly from one IP network to another.
Mobile IP utilizes home agents (HAs) and foreign agents (FAs), or HAs and a mobile node with Collocated Care of Address (CCOA) element. An HA is a router on a mobile node's home network which tunnels datagrams for delivery to the mobile node when it is away from home, and maintains current location information for the mobile node. A FA is a router on a mobile node's visited network which provides routing services to the mobile node while registered. The FA detunnels and delivers datagrams to the mobile node that were tunneled by the mobile node's home agent. For datagrams sent by a mobile node, the FA may serve as a default router for registered mobile nodes. A mobile node's CCOA provides the same function as an FA, but resides within the mobile node. Either FA or mobile node CCOA are used along with a HA.
When a mobile node detects that it has moved to a foreign network, it obtains a care-of address (COA) on the foreign network. The care-of address can be determined from FA or CCOA, depending in on which is being used. The mobile node operating away from home then registers its new care-of address with its HA through exchange of a Registration Request and Registration Reply message with it, possibly via a FA (if used). Datagrams sent to the mobile node's home address are intercepted by its HA, tunneled by the HA to the mobile node's COA, received at the tunnel endpoint (either at a FA or mobile node's CCOA), and finally delivered to the mobile node.
A basic assumption that Mobile IP makes is that FA or CCOA are uniquely identifiable by a globally routable IP address. This assumption breaks down when a mobile device attempts to communicate from behind a network address translation (NAT) gateway. Typically most home routers, wireless or otherwise, employ NATs (gateway router). IP devices which communicate from behind a NAT are reachable only through the NAT's public address or addresses. Mobile IP relies on sending traffic via IP-in-IP tunneling; however, IP-in-IP tunneling does not generally contain enough information to permit unique translation from common public addresses to particular care-of addresses (CoA) of an FA or CCOA which resides behind the NAT. In particular there are no transmission control protocol (TCP) or user datagram protocol (UDP) port numbers available for a NAT to work with. Therefore, IP-in-IP tunnels used by mobile IP generally cannot pass through a NAT.
Therefore, a need exists for a cost-effective method and apparatus for providing mobile IP service through a NAT gateway.
SUMMARY OF THE INVENTION
Method and apparatus for providing Mobile internet protocol (IP) service through a network address translation gateway. In one embodiment, a gateway between a local area network (LAN) and a wide area network (WAN) is provided. The gateway includes a foreign agent (FA) module, a control module, and a network address translation (NAT) module. The FA module is configured to advertise a care-of address (CoA) on the LAN and process registration and post-registration mobile IP traffic on the LAN and the WAN side of the gateway. The control module is configured to identify the registration and the post-registration mobile IP traffic on the LAN and the WAN to omit network address translation of this traffic during the processing thereof by the FA module.
Another aspect of the invention relates to a method of providing a gateway between a local area network and a wide area network. The gateway includes a foreign agent module and a network address translation module. Packets received from the wide area network and the local area network are inspected to identify whether each of the packets is registration mobile internet protocol (IP) traffic, mobile IP communication traffic, or other traffic. The registration mobile IP traffic and the mobile IP communication traffic are processed via the foreign agent module. The other traffic is processed via the network address translation module. In this manner, network address translation of mobile IP traffic is advantageously omitted. This allows the IP-in-IP tunnels used by mobile IP to pass through the gateway.
Another aspect of the invention relates to a computer readable medium having processor-executable instructions for performing a method of providing a gateway between a local area network and a wide area network. The gateway includes a foreign agent module and a network address translation module. Packets received from the wide area network and the local area network are inspected to identify whether each of the packets is registration mobile internet protocol (IP) traffic, mobile IP communication traffic, or other traffic. The registration mobile IP traffic and the mobile IP communication traffic are processed via the foreign agent module. The other traffic is processed via the network address translation module. In this manner, network address translation of mobile IP traffic is advantageously omitted. This allows the IP-in-IP tunnels used by mobile IP to pass through the gateway.
Accordingly, packets received by the gateway are inspected to identify whether each packet is mobile IP traffic or other traffic. Mobile IP traffic is processed by an FA module, and other traffic is processed by a NAT module. In this manner, network address translation of mobile IP traffic is advantageously omitted. This allows the IP-in-IP tunnels used by mobile IP to pass through the gateway.
BRIEF DESCRIPTION OF THE DRAWINGS
So that the manner in which the above recited features of the present invention can be understood in detail, a more particular description of the invention, briefly summarized above, may be had by reference to embodiments, some of which are illustrated in the appended drawings. It is to be noted, however, that the appended drawings illustrate only typical embodiments of this invention and are therefore not to be considered limiting of its scope, for the invention may admit to other equally effective embodiments.
FIG. 1 is a block diagram depicting an exemplary embodiment of a communication system;
FIG. 2 is a block diagram depicting an exemplary embodiment of a gateway in accordance with one or more aspects of the invention;
FIG. 3 is a flow diagram depicting an exemplary embodiment of a method for processing traffic in the gateway of FIG. 2 in accordance with one or more aspects of the invention; and
FIG. 4 is flow diagram depicting an exemplary embodiment of the flow of messages between a mobile device, a gateway, and a home agent during a registration process in accordance with one or more aspects of the invention
To facilitate understanding, identical reference numerals have been used, where possible, to designate identical elements that are common to the figures.
DETAILED DESCRIPTION OF THE INVENTION
FIG. 1 is a block diagram depicting an exemplary embodiment of a communication system 100. The system 100 includes a mobile device 102, a local area network (LAN) 104, a gateway 106, a wide area network (WAN) 108 (e.g., the Internet), and a home agent (HA) 110. The mobile device 102 may comprise a mobile telephone, personal digital assistant (PDA), laptop computer, or the like. In one embodiment, the LAN 104 comprises a wireless LAN (WLAN), such as an IEEE 802.11 type network or the like, and the mobile device 102 communicates with the LAN 104 using a wireless link. Alternatively, the LAN 104 may be a wired network, such as an Ethernet network or the like, and the mobile device 102 communicates with the LAN 104 using a wired link.
The gateway 106 is configured to provide an interface between the LAN 104 and the WAN 108. The gateway 106 may comprise a home router with or without wireless access point, or like type device. The gateway 106 includes a LAN interface (I/F) 112 configured for communication with the LAN 104, and a WAN I/F 118 configured for communication with the WAN 108. The gateway 106 facilitates communication between devices on the LAN 104, such as the mobile device 102, and devices on the WAN 108, such as the HA 110. The HA 110 may be further coupled to a LAN 111 (e.g., a wireless or wired LAN). The HA 110 may comprise a router or like type device.
FIG. 2 is a block diagram depicting an exemplary embodiment of the gateway 106 in accordance with one or more aspects of the invention. The gateway 106 includes a processor block 250 various support circuits 204, and an I/O interface 202. The processor block 250 includes one or more processors 201, a memory 203, a network address translation (NAT) module 210, a control module 211, and an foreign agent (FA) module 212. The processor(s) 201 may be any type of microprocessor(s) known in the art. The support circuits 204 for the processor block 250 include conventional cache, power supplies, clock circuits, data registers, I/O interfaces, and the like. The I/O interface 202 is coupled to the processor block 250 and includes the LAN I/F 112 and the WAN I/F 118.
The memory 203 may store processor-executable instructions and/or data for execution by and/or use by the processor(s) 201 as described further below. These processor-executable instructions may comprise hardware, firmware, software, and the like, or some combination thereof, and may implement the NAT module 210, the control module 211, and the FA module 212. The program instructions are configured to be executed by the processor 201 to cause the processor 201 to implement the functionalities of the modules 210, 211, and 212. The memory 203 may include one or more of the following random access memory, read only memory, magneto-resistive read/write memory, optical read/write memory, cache memory, magnetic read/write memory, and the like, as well as signal-bearing media as described below. Although one or more aspects of the invention are disclosed as being implemented as a processor executing a software program, those skilled in the art will appreciate that the invention may be implemented in hardware, software, or a combination of hardware and software. Such implementations may include a number of processors independently executing various programs and dedicated hardware, such as ASICs. In some embodiments, one or more of the functional modules 210, 211, and 212 are configured in the processor(s), rather than being stored in the memory 203 as program instructions.
FIG. 3 is a flow diagram depicting an exemplary embodiment of a method 300 for processing traffic in the gateway 106 in accordance with one or more aspects of the invention. With reference to FIGS. 1, 2, and 3, the mobile device 102 and the HA 110 are configured to implement the Mobile IP protocol as described above. That is, the mobile device 102 is identifiable by a home IP address provided by the HA 110, regardless of its current point of attachment. For example, the mobile device 102 uses the same home IP address if attached to its home network (i.e., the LAN 111) or a foreign network (e.g., the LAN 104). While situated away from the home network, the mobile device 102 is configured to obtain a care-of address (CoA) from the foreign network. The mobile device 102 is configured to monitor for agent advertisement messages to obtain a CoA within a foreign network and may optionally solicit such an agent advertisement message using an agent solicitation message. The mobile device 102 is configured to register its new CoA with the HA 110 through an exchange of registration request and registration reply messages. The HA 110 is configured to receive IP datagrams destined for the home IP address of the mobile device 102. The HA 110 is configured to tunnel the received IP datagrams to the CoA address of the mobile device 102 using an IP-in-IP encapsulation. In the reverse direction, the mobile device 102 may be configured to send IP datagrams to their destination using standard IP routing mechanisms. Alternatively, the mobile device 102 may be configured to employ reverse tunneling with the HA 110 (between FA module 212 and HA 110). In general, the mobile device 102 and the HA 110 are configured to operate as a mobile node and a home agent, respectively, defined in IETF RFC 3344.
The NAT module 210 is configured to provide network address translation for the gateway 106. As is well known in the art, NAT involves re-writing the source and/or destination addresses of IP packets as they pass through the gateway 106. The term “NAT” as used herein is meant to encompass both IP address translation and IP address translation combined with port translation (also referred to as NAPT). The NAT module 210 is further adapted to implement aspects of Mobile IP service, as described below.
The FA module 212 provides a foreign agent. Notably, the FA module 212 is configured to advertise its presence on the LAN 104 through the LAN I/F 112 using agent advertisement messages. The agent advertisement messages include a CoA address for use by mobile devices connected to the LAN 104. The FA module 212 uses a WAN-side IP address as the CoA address. In one embodiment, the COA address for the FA module 212 is the same address as the WAN address of the gateway 106. Alternatively, the CoA address of the FA module 212 may be a different IP address to provide an added level of traffic separation between traffic destined for the FA module 212 and standard WAN-side traffic for the gateway 106. If a unique WAN-side address is desired, the FA module 212 may obtain a WAN-side IP address using a WAN-side dynamic host configuration protocol (DHCP) or PPPoE (point-to-point protocol over Ethernet) client. Alternatively, a WAN-side IP address could be statically assigned as the CoA address.
The control module 211 is configured to classify traffic received via the LAN interface 112 and the WAN interface 118 for processing by either the FA module 212 or the NAT module 210. Steps performed by the control module 211 are shown in FIG. 3. At step 302, the control module 211 inspects a packet received from the LAN 104 and the WAN 108. The control module 211 identifies whether the packet is mobile IP traffic or other traffic. As described below, the Mobile IP traffic may include registration traffic or communication traffic. For Mobile IP traffic, the control module 211 classifies the traffic for processing by only the FA module 212. Processing of Mobile IP traffic by the NAT module 210 is omitted. For the other traffic, the control module 211 classifies the traffic for processing by the NAT module 210. Thus, at step 304, a determination is made whether the packet is mobile IP traffic. If so, the method 300 proceeds to step 306, where the packet is processed by the FA module 212. Otherwise, the method 300 proceeds to step 308, where the packet is processed by the NAT module 210. From steps 306 and 308, the method 300 proceeds to step 310, where the packet is sent via the WAN 108 or the LAN 104. The method 300 is repeated for each packet.
In this manner, network address translation for Mobile IP traffic is omitted. The control module 211 may be a separate module implemented by the gateway 106, as shown in FIG. 2. In one embodiment, the control module 211 comprises a filter module for filtering out Mobile IP traffic for processing by the FA module 212 and preventing processing by the NAT module 210. In another embodiment, rather than through a separate module, the function of the control module 211 is part of the NAT module 210 or the FA module 212.
The FA module 212 is further configured to support Mobile IP registration traffic between the mobile device 102 and the HA 110. The control module 211 is configured to pass the Mobile IP registration traffic to the FA module 212 while omitting processing by the NAT module 212. For registration request messages received at the LAN I/F 112, the FA module 212 receives the messages from the mobile device 102 and alters the source IP address and port of the received messages to correspond to the WAN interface for the FA module 212 (the WAN IP address being the CoA of the FA module 212). The FA module 212 records the original source IP address and port of the intercepted messages (i.e., the LAN interface of the mobile device 102). The FA module 212 then forwards the messages to the HA 110 out of the WAN I/F 118 without involving the function of the NAT 210 module.
In one embodiment, the control module 211 classifies LAN-side Mobile IP registration traffic based on destination port. In the Mobile IP protocol, the destination port for a registration request message is user datagram protocol (UDP) port number 434. The control module 211 forwards traffic having a UDP destination port number 434 to the FA module 212 to the exclusion of the NAT module 210.
For registration reply messages received at the WAN I/F 118, the control module 211 is configured to pass the Mobile IP registration traffic to the FA module 212 while omitting processing by the NAT module 212. The FA module 212 receives the messages from the HA 110, alters the destination IP address and port of the received messages to the LAN interface of the mobile device 102, which was received and recorded from the corresponding registration request message (the LAN IP address being the mobile device's home address). The FA module 212 then forwards the messages to the mobile device 102 out of the LAN I/F 112 without involving the function of the NAT 210 module.
In one embodiment, the control module 211 classifies WAN-side Mobile IP registration traffic (to be forwarded to the mobile device) based on destination port corresponding to the source port sent in the registration request from the FA module 212. The control module 211 forwards to the FA module 212 traffic received at the WAN I/F 118 with destination port corresponding to the source port sent in the registration request from the FA 212 to the exclusion of the NAT module 210 and the
The FA module 212 is further configured to support Mobile IP communication traffic (bearer traffic) between the mobile device 102 and the HA 110. Again, the control module 211 is configured to pass the Mobile IP communication traffic to the FA module 212 while omitting processing by the NAT module 212. For Mobile IP communication traffic received at the LAN I/F 112, the FA module 212 encapsulates the traffic from the mobile device 102 with IP header containing CoA address for IP-to-IP tunneling to the HA 110 out of the WAN I/F 118 without involving the NAT module 210.
In one embodiment, the control module 211 classifies LAN-side Mobile IP communication traffic based on the home address of the mobile device 102. The home address of the mobile device 102 is learned during registration by the FA module 212 from the home address field in registration request and reply messages. The control module 211 is configured to forward to the FA module 212 traffic received at the LAN I/F 112 having the home address of the mobile device 102 as the source address. Processing of such traffic by the NAT module 210 is omitted.
For Mobile IP traffic received at the WAN I/F 118, the control module 211 is configured to pass the Mobile IP registration traffic to the FA module 212 while omitting processing by the NAT module 212. The FA module 212 decapsulates the traffic from the HA 110 (stripping off the outer IP header) and forward it to the mobile device 102 on the LAN 104 without involving the NAT module 210.
In one embodiment, the control module 211 classifies WAN-side Mobile IP registration traffic with outer source IP address of the HA 110 as learned from home agent field in registration request and reply messages. The control module 211 is configured to forward to the FA module 212 traffic received at the WAN I/F 118 having the HA 110 address for the outer-header source IP address. Processing of such traffic by the NAT module 210 is omitted.
In one embodiment, the FA module 212 also includes a WAN-side filter to prevent traffic from any WAN source other that the HA 110 from reaching the mobile device 102. Notably, the FA module 212 prevents any WAN traffic from reaching the mobile device 102 until the FA module 212 receives a Mobile IP registration request from the mobile device 102. Upon receipt of the registration request from the mobile device 102 on the LAN-side, the FA module 212 establishes a WAN-side filter that only allows traffic to be received from the source IP address of the HA 110 in the registration request. If Mobile IP registration is successful, the FA module 212 will keep the filter open. The filter can remain open for the length of the Mobile IP session with the HA 110.
FIG. 4 is flow diagram depicting an exemplary embodiment of the flow of messages between the mobile device 102, the gateway 106, and the HA 110 during the registration process in accordance with one or more aspects of the invention. An advertisement message of the CoA address of the FA module 212 is sent from the gateway 106 to the mobile device 102 in step 402. Then a registration request is transmitted from the mobile device 102 to the HA 110 via the gateway 106 in step 404. Subsequently, the HA 110 transmits a registration reply to the mobile device 102 via the gateway 106 in step 406. Notably, the circles in FIG. 4 represent FA processing only (no NAT function processing).
It should be noted that the approach of the invention requires an additional global address assignment at the gateway 106 only if a unique CoA address is desired. This is by no means required as noted previously. A key advantage of this invention is that no modification of the mobile device 102 or the HA 110 is needed. This is in contrast to other techniques, such as the tunnel protocol described in IETF RFC 3519, where mobile device, foreign agent (if used), and home agent must be modified to support the protocol.
An aspect of the invention is implemented as a program product for use with a computer system. Program(s) of the program product defines functions of embodiments and can be contained on a variety of signal-bearing media (computer readable media), which include, but are not limited to: (i) information permanently stored on non-writable storage media (e.g., read-only memory devices within a computer such as CD-ROM or DVD-ROM disks readable by a CD-ROM drive or a DVD drive); (ii) alterable information stored on writable storage media (e.g., floppy disks within a diskette drive or hard-disk drive or read/writable CD or read/writable DVD); or (iii) information stored on a storage medium as a result of having been conveyed to a computer by a communications medium, such as through a computer or telephone network, including wireless communications. The latter embodiment specifically includes information downloaded from the Internet and other networks. Such signal-bearing media, when carrying computer-readable instructions that direct functions of the invention, represent embodiments of the invention.
Method and apparatus for providing Mobile internet protocol (IP) service through a network address translation gateway has been described. Packets received by the gateway are inspected to identify whether each packet is mobile IP traffic or other traffic. Mobile IP traffic is processed by an FA module, and other traffic is processed by a NAT module. In this manner, network address translation of mobile IP traffic is advantageously omitted. This allows the IP-in-IP tunnels used by mobile IP to pass through the gateway.
While various embodiments have been described above, it should be understood that they are presented by way of example only, and not limiting. For example, although the invention disclosed herein was discussed in connection with mobile IP services in the exemplary embodiments, one skilled in the art would recognize that the method and system disclosed herein can also be used in connection with other forms of wireless communication. Thus, the breadth and scope of a preferred embodiment should not be limited by any of the above-described exemplary embodiments, but should be defined only in accordance with the following claims and their equivalents.

Claims (19)

What is claimed is:
1. Apparatus for providing a gateway between a local area network and a wide area network, comprising:
a network address translation (NAT) module embodied in hardware, wherein the NAT module is configured to provide network address translation for the gateway;
a foreign agent module embodied in hardware for advertising a care-of address on the local area network and processing registration and mobile internet protocol (IP) communication traffic on the local area network and the wide area network; and
a control module embodied in hardware for identifying the registration and the mobile IP communication traffic to omit processing thereof by the network address translation module, thereby omitting network address translation by the network address translation module for the registration and mobile IP communication traffic, and processing the registration and the mobile IP communication traffic by the foreign agent module, wherein the control module comprises a filter module embodied in hardware configured to filter traffic from the local area network and the wide area network to provide the registration and the mobile IP communication traffic to the foreign agent module and to provide remaining traffic to the network address translation module.
2. The apparatus of claim 1, wherein the care-of address is a wide area network-side IP address of the gateway or a separate wide area network-side IP address statically or dynamically assigned to the foreign agent module.
3. The apparatus of claim 1, wherein the foreign agent module is configured to:
receive registration request messages from mobile devices through the local area network;
alter a source IP address and a port of each of the registration request messages to correspond to a wide area network interface for the foreign agent module; and
forward the registration request messages to home agents through the wide area network;
and wherein the control module is configured to:
identify the registration request messages as mobile IP messaging traffic based on destination port value; and
forward the registration request messages to the foreign agent module to the exclusion of the network address translation module.
4. The apparatus of claim 3, wherein the foreign agent module is further configured to:
receive registration reply messages from the home agents over the wide area network;
alter a destination IP address and a port of each of the registration reply messages to a local area network interface of a corresponding one of the mobile devices;
and wherein the control module is further configured to:
identify the registration reply messages as mobile IP messaging traffic based on destination port value; and
forward the registration reply messages to the foreign agent module to the exclusion of the network address translation module.
5. The apparatus of claim 1, wherein the foreign agent module is configured to:
receive first mobile IP communication traffic from mobile devices over the local area network;
encapsulate the first post registration traffic with an IP header containing the care-of address for IP-to-IP tunneling through the wide area network to home agents;
and wherein the control module is configured to:
identify the first mobile IP communication traffic as mobile IP traffic based on source address being home addresses of the mobile devices; and
forward the first mobile IP communication traffic to the foreign agent module to the exclusion of the network address translation module.
6. The apparatus of claim 5, wherein the foreign agent module is further configured to:
receive second mobile IP communication traffic from the home agents over the wide area network;
decapsulate the second post registration traffic; and
forward the second post registration traffic to the mobile devices on the local area network;
and wherein the control module is further configured to:
identify the second mobile IP communication traffic as mobile IP traffic based on source address; and
forward the second mobile IP communication traffic to the foreign agent module to the exclusion of the network address translation module.
7. The apparatus of claim 1, wherein the foreign agent module is configured to establish a filter for the wide area network.
8. A method of providing a gateway between a local area network and a wide area network, the gateway having a foreign agent module and a network address translation (NAT) module, the method comprising:
inspecting packets received from the wide area network and the local area network to identify whether each of the packets is registration mobile internet protocol (IP) traffic, mobile IP communication traffic, or other traffic;
processing the registration mobile IP traffic and the mobile IP communication traffic via the foreign agent module and not processing the registration mobile IP traffic via the network address translation module; and
processing the other traffic via the network address translation module, wherein network address translation is omitted for the registration mobile IP traffic and the mobile IP communication traffic,
wherein the NAT module is configured to provide network address translation for the gateway, and further, wherein the step of inspecting comprises filtering traffic from the local area network and the wide area network to provide the registration mobile IP traffic and the mobile IP communication traffic to the foreign agent module and to provide the other traffic to the network address translation module.
9. The method of claim 8, further comprising:
advertising a care-of address on the local area network via the foreign agent module;
wherein the care-of address is a wide area network-side IP address of the gateway or a separate wide area network-side IP address statically or dynamically assigned to the foreign agent module.
10. The method of claim 9, wherein the step of processing via the foreign agent module comprises:
receiving a registration request message from a mobile device through the local area network;
altering a source IP address and a port of the registration request message to correspond to a wide area network interface for the foreign agent module; and
forwarding the registration request message to a home agent through the wide area network;
and wherein the step of inspecting comprises:
identifying the registration request message as mobile IP messaging traffic based on destination port value; and
forwarding the registration request message to the foreign agent module to the exclusion of the network address translation module.
11. The method of claim 10, wherein the step of processing via the foreign agent module further comprises:
receiving a registration reply message from the home agent over the wide area network; and
altering a destination IP address and a port of the registration reply message to a local area network interface of the mobile device;
and wherein the step of inspecting further comprises:
identifying the registration reply message as mobile IP messaging traffic based on destination port value; and
forwarding the registration reply message to the foreign agent module to the exclusion of the network address translation module.
12. The method of claim 9, wherein the step of processing via the foreign agent module comprises:
receiving first mobile IP communication traffic from a mobile device over the local area network; and
encapsulating the first mobile IP communication traffic with an IP header containing the care-of address for IP-to-IP tunneling through the wide area network to a home agent;
and wherein the step of inspecting comprises:
identifying the first mobile IP communication traffic as mobile IP traffic based on source address being a home address of the mobile device; and
forwarding the first mobile IP communication traffic to the foreign agent module to the exclusion of the network address translation module.
13. The method of claim 12, wherein the step of processing via the foreign agent module further comprises:
receiving second mobile IP communication traffic from the home agent over the wide area network;
decapsulating the second mobile IP communication traffic; and
forwarding the second mobile IP communication traffic to the mobile device on the local area network
and wherein the step of inspecting further comprises:
identifying the second mobile IP communication traffic as mobile IP traffic based on source address; and
forwarding the second mobile IP communication traffic to the foreign agent module to the exclusion of the network address translation module.
14. The method of claim 8, further comprising:
establishing a filter for the wide area network.
15. A non-transitory computer readable storage medium having stored thereon instructions that, when executed by a processor, cause the processor to perform a method of providing a gateway between a local area network and a wide area network, the gateway having a foreign agent module and a network address translation (NAT) module, the method comprising:
inspecting packets received from the wide area network and the local area network to identify whether each of the packets is registration mobile internet protocol (IP) traffic, mobile IP communication traffic, or other traffic;
processing the registration mobile IP traffic and the mobile IP communication traffic via the foreign agent module and not processing the registration mobile IP traffic via the network address translation module; and
processing the other traffic via the network address translation module, wherein network address translation is omitted for the registration mobile IP traffic and the mobile IP communication traffic,
wherein the NAT module is configured to provide network address translation for the gateway, and further, wherein the step of inspecting comprises filtering traffic from the local area network and the wide area network to provide the registration mobile IP traffic and the mobile IP communication traffic to the foreign agent module and to provide the other traffic to the network address translation module.
16. The computer readable medium of claim 15, wherein the step of processing via the foreign agent module comprises:
receiving a registration request message from a mobile device through the local area network;
altering a source IP address and a port of the registration request message to correspond to a wide area network interface for the foreign agent module; and
forwarding the registration request message to a home agent through the wide area network;
and wherein the step of inspecting comprises:
identifying the registration request message as mobile IP messaging traffic based on destination port value; and
forwarding the registration request message to the foreign agent module to the exclusion of the network address translation module.
17. The computer readable medium of claim 16, wherein the step of processing via the foreign agent module further comprises:
receiving a registration reply message from the home agent over the wide area network; and
altering a destination IP address and a port of the registration reply message to a local area network interface of the mobile device;
and wherein the step of inspecting further comprises:
identifying the registration reply message as mobile IP messaging traffic based on destination port value; and
forwarding the registration reply message to the foreign agent module to the exclusion of the network address translation module.
18. The computer readable medium of claim 15, wherein the step of processing via the foreign agent module comprises:
receiving first mobile IP communication traffic from a mobile device over the local area network; and
encapsulating the first mobile IP communication traffic with an IP header containing a care-of address for IP-to-IP tunneling through the wide area network to a home agent;
and wherein the step of inspecting comprises:
identifying the first mobile IP communication traffic as mobile IP traffic based on source address being a home address of the mobile device; and
forwarding the first mobile IP communication traffic to the foreign agent module to the exclusion of the network address translation module.
19. The computer readable medium of claim 18, wherein the step of processing via the foreign agent module further comprises:
receiving second mobile IP communication traffic from the home agent over the wide area network;
decapsulating the second mobile IP communication traffic; and
forwarding the second mobile IP communication traffic to the mobile device on the local area network
and wherein the step of inspecting further comprises:
identifying the second mobile IP communication traffic as mobile IP traffic based on source address; and
forwarding the second mobile IP communication traffic to the foreign agent module to the exclusion of the network address translation module.
US11/460,140 2006-07-26 2006-07-26 Method and apparatus for providing mobile IP service through a network address translation gateway Active 2027-11-03 US8891506B2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US11/460,140 US8891506B2 (en) 2006-07-26 2006-07-26 Method and apparatus for providing mobile IP service through a network address translation gateway
PCT/US2007/071724 WO2008014067A2 (en) 2006-07-26 2007-06-21 Method and apparatus for providing mobile ip service through a network address translation gateway
US14/306,435 US9787526B2 (en) 2006-07-26 2014-06-17 Method and apparatus for providing mobile IP service through a network address translation gateway

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US11/460,140 US8891506B2 (en) 2006-07-26 2006-07-26 Method and apparatus for providing mobile IP service through a network address translation gateway

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US14/306,435 Continuation US9787526B2 (en) 2006-07-26 2014-06-17 Method and apparatus for providing mobile IP service through a network address translation gateway

Publications (2)

Publication Number Publication Date
US20080025325A1 US20080025325A1 (en) 2008-01-31
US8891506B2 true US8891506B2 (en) 2014-11-18

Family

ID=38982171

Family Applications (2)

Application Number Title Priority Date Filing Date
US11/460,140 Active 2027-11-03 US8891506B2 (en) 2006-07-26 2006-07-26 Method and apparatus for providing mobile IP service through a network address translation gateway
US14/306,435 Expired - Fee Related US9787526B2 (en) 2006-07-26 2014-06-17 Method and apparatus for providing mobile IP service through a network address translation gateway

Family Applications After (1)

Application Number Title Priority Date Filing Date
US14/306,435 Expired - Fee Related US9787526B2 (en) 2006-07-26 2014-06-17 Method and apparatus for providing mobile IP service through a network address translation gateway

Country Status (2)

Country Link
US (2) US8891506B2 (en)
WO (1) WO2008014067A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150188920A1 (en) * 2007-08-13 2015-07-02 Apple Inc. New Diameter Signaling for Mobile IPv4

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8412207B2 (en) * 2006-12-21 2013-04-02 Core Wireless Licensing S.A.R.L. Method of providing a mobility service
US8385300B2 (en) * 2008-10-03 2013-02-26 Cisco Technology, Inc. Internet protocol address management for communicating packets in a network environment
CN102076046B (en) * 2011-02-22 2013-04-24 中国科学院计算技术研究所 Single-interface seamless switching method and system for mobile internet protocol (IP) system
US20130003653A1 (en) * 2011-06-30 2013-01-03 Alcatel-Lucent Usa Inc. Method And Apparatus For Facilitating Home Network Access
US20150063150A1 (en) * 2013-09-04 2015-03-05 Qualcomm Incorporated Measurement reporting in unlicensed spectrum
CN115550307A (en) * 2022-09-20 2022-12-30 中国银行股份有限公司 Service processing method, service end, user end and system based on block chain

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6163843A (en) 1996-10-25 2000-12-19 Kabushiki Kaisha Toshiba Packet inspection device, mobile computer and packet transfer method in mobile computing with improved mobile computer authenticity check scheme
US6298063B1 (en) * 1995-11-03 2001-10-02 Cisco Technology, Inc. System and method for providing backup machines for implementing multiple IP addresses on multiple ports
US20020018456A1 (en) * 2000-07-26 2002-02-14 Mitsuaki Kakemizu VPN system in mobile IP network, and method of setting VPN
US6507908B1 (en) * 1999-03-04 2003-01-14 Sun Microsystems, Inc. Secure communication with mobile hosts
US6728536B1 (en) * 2000-05-02 2004-04-27 Telefonaktiebolaget Lm Ericsson Method and system for combined transmission of access specific access independent and application specific information over public IP networks between visiting and home networks
US6985479B2 (en) * 2002-03-04 2006-01-10 Qualcomm Incorporated Method and apparatus for processing internet protocol transmissions
US7149229B1 (en) * 1999-01-08 2006-12-12 Cisco Technology, Inc. Mobile IP accounting
US7342894B2 (en) * 2002-04-03 2008-03-11 Qualcomm Incorporated System and method for transparent Mobile IP registration within PPP negotiation
US7356020B2 (en) * 2002-04-08 2008-04-08 Qualcomm Incorporated Support of disparate addressing plans and dynamic HA address allocation in mobile IP

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6068640A (en) * 1997-02-28 2000-05-30 Medjet Inc. Removal of corneal epithelium
US7079499B1 (en) * 1999-09-08 2006-07-18 Nortel Networks Limited Internet protocol mobility architecture framework
KR100383587B1 (en) * 2001-08-16 2003-05-14 삼성전자주식회사 Mobile internet protocol system and it's routing optimization method
US7505432B2 (en) * 2003-04-28 2009-03-17 Cisco Technology, Inc. Methods and apparatus for securing proxy Mobile IP
JP3972880B2 (en) * 2003-09-22 2007-09-05 日本電気株式会社 Mobile communication system and method, apparatus, and control program

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6298063B1 (en) * 1995-11-03 2001-10-02 Cisco Technology, Inc. System and method for providing backup machines for implementing multiple IP addresses on multiple ports
US6163843A (en) 1996-10-25 2000-12-19 Kabushiki Kaisha Toshiba Packet inspection device, mobile computer and packet transfer method in mobile computing with improved mobile computer authenticity check scheme
US7149229B1 (en) * 1999-01-08 2006-12-12 Cisco Technology, Inc. Mobile IP accounting
US6507908B1 (en) * 1999-03-04 2003-01-14 Sun Microsystems, Inc. Secure communication with mobile hosts
US6728536B1 (en) * 2000-05-02 2004-04-27 Telefonaktiebolaget Lm Ericsson Method and system for combined transmission of access specific access independent and application specific information over public IP networks between visiting and home networks
US20020018456A1 (en) * 2000-07-26 2002-02-14 Mitsuaki Kakemizu VPN system in mobile IP network, and method of setting VPN
US7068640B2 (en) * 2000-07-26 2006-06-27 Fujitsu Limited VPN system in mobile IP network, and method of setting VPN
US6985479B2 (en) * 2002-03-04 2006-01-10 Qualcomm Incorporated Method and apparatus for processing internet protocol transmissions
US7342894B2 (en) * 2002-04-03 2008-03-11 Qualcomm Incorporated System and method for transparent Mobile IP registration within PPP negotiation
US7356020B2 (en) * 2002-04-08 2008-04-08 Qualcomm Incorporated Support of disparate addressing plans and dynamic HA address allocation in mobile IP

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
PCT Search Report and Written Opinion, PCT/US2007/71724, Dated Jul. 21, 2008.

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150188920A1 (en) * 2007-08-13 2015-07-02 Apple Inc. New Diameter Signaling for Mobile IPv4
US9578029B2 (en) * 2007-08-13 2017-02-21 Apple Inc. Diameter signaling for mobile IPv4
US9871793B2 (en) 2007-08-13 2018-01-16 Apple Inc. Diameter signaling for mobile IPv4

Also Published As

Publication number Publication date
US20080025325A1 (en) 2008-01-31
WO2008014067A2 (en) 2008-01-31
US20140301411A1 (en) 2014-10-09
WO2008014067A3 (en) 2008-09-25
US9787526B2 (en) 2017-10-10

Similar Documents

Publication Publication Date Title
US9787526B2 (en) Method and apparatus for providing mobile IP service through a network address translation gateway
US7685317B2 (en) Layering mobile and virtual private networks using dynamic IP address management
AU2002360800B2 (en) Methods and apparatus for implementing NAT traversal in mobile IP
US7269173B2 (en) Roaming in a communications network
US8553689B2 (en) Home agent acting as a proxy for a Mobile Node
US7031328B2 (en) Arrangement for traversing an IPv4 network by IPv6 mobile routers
US8005093B2 (en) Providing connection between networks using different protocols
US9154993B1 (en) Mobile-IPv6 encapsulation for wireless networks
US20070088853A1 (en) Communication method between IPv6 mobile node and IPv4-based node using DSTM in MIPv6 environment
US7623500B2 (en) Method and system for maintaining a secure tunnel in a packet-based communication system
JP2005532744A (en) How to encapsulate Internet Protocol messages
US7286512B1 (en) System and method for supporting alternative addressessing in a mobile network
JP5016030B2 (en) Method and apparatus for dual-stack mobile node roaming in an IPv4 network
US9432835B2 (en) Method and system for routing data to a mobile node in a foreign network
US20050136924A1 (en) Method, apparatus and system for enabling roaming mobile nodes to utilize private home IP addresses
US7599370B1 (en) Methods and apparatus for optimizing NAT traversal in Mobile IP
Kuntz et al. Versatile IPv6 mobility deployment with dual stack mobile IPv6
Al-Kasasbeh et al. Indirect routing of mobile ip: A non-encapsulation approach

Legal Events

Date Code Title Description
AS Assignment

Owner name: GENERAL INSTRUMENT CORPORATION, PENNSYLVANIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:STRATER, JAY;REEL/FRAME:020934/0592

Effective date: 20080512

AS Assignment

Owner name: MOTOROLA MOBILITY LLC, ILLINOIS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:GENERAL INSTRUMENT HOLDINGS, INC.;REEL/FRAME:030866/0113

Effective date: 20130528

Owner name: GENERAL INSTRUMENT HOLDINGS, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:GENERAL INSTRUMENT CORPORATION;REEL/FRAME:030764/0575

Effective date: 20130415

STCF Information on status: patent grant

Free format text: PATENTED CASE

AS Assignment

Owner name: GOOGLE TECHNOLOGY HOLDINGS LLC, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MOTOROLA MOBILITY LLC;REEL/FRAME:034371/0612

Effective date: 20141028

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551)

Year of fee payment: 4

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 8